Quality System Process Risk Management (ISO 13485:2016)

ISO 13485:2016 has a broader view of risk management than in the past. Risks are to be considered in terms of the impact on medical device safety and performance, and in terms of meeting regulatory requirements.For managing quality system process risks, rather than adding a “Risk” section to each Standard Operating Procedure (SOP) as some have suggested, I added a new section to my Quality Manual to address risks for each quality system process, i.e. each SOP. The format of my new Quality Manual risk section is shown below. A row is included in the table for each SOP.

QSM1 section 11 example3.png

Since my Quality Manual already lists the SOPs, this makes sense to me. And by having all of the risk assessment and control information in this single document, it seems easier to manage than sprinkling risk assessment/control information into each SOP. Here is how I show risk management in my Quality Manual process interaction diagram.

QSM1 Process Flow, 21 Lucid.png

Published by Sam Lazzara

Sam Lazzara is a Biomedical Engineer (MS Case Western, BS Brown University) and Certified Biomedical Auditor with 30+ years medical device experience. Sam’s systems and documents have delighted dozens of regulatory auditors from the United States FDA, the California Department of Health, and a flock of European Notified Bodies. He has guided quality system implementation for over 20 firms, leading to third-party certification and government approvals. A medical device start-up specialist, Sam provides state-of-the-art solutions tailored to the needs of each client. He mentors clients on all aspects of quality assurance and regulatory affairs. Sam gets particularly excited about design control, risk management, and post-market surveillance.